[15-PDF]
[15-PS]
Quantum and Stochastic Branching Programs of Bounded Width.
(with Farid Ablayev and Cris Moore)
29th International Colloquium on Automata, Languages,
and Programming (ICALP). 2002.
p.343--354. Earlier
versions can be found at ECCC
TR02-013 and LANL quant-ph/020113. The upper bound result in the ICALP paper needed
a syntactic restriction. This has been revised in the ECCC and LANL version and in the
version on-line here.

Apr. 10. 2006. When can S12 prove the weak pigeonhole principle? Talk
given at Newton Mathematical Institute, Cambridge University. An embarassing glitch appeared
in a proof in the original talk on the next to last slide. This is corrected in the version I am posting here.

It is well known result of Krajicek and Pudlak that if S12 could prove
the injective weak pigeonhole principle for every polynomial time function
then RSA would not be secure. In this talk, we will consider function
algebras based on a common characterization of the polynomial time functions
where we slightly modify the initial functions and further restrict the amount
of allowable recursion. We will then argue that S12 can prove the
surjective weak pigeonhole principle for functions in this algebra.

Branching programs of bounded width are a nonuniform model of computation which can be viewed as
generalizing finite automata. As such they are a relatively simple model of computation and quantum
versions of branching programs might serve as a good model on which to develop potentially implementable
quantum algorithms. In this talk we will introduce quantum branching programs and discuss upper and lower
bounds in terms of deterministic and stochastic models of computation on what kind of algorithms are
implementable on quantum branching programs.

Dec. 1. 2005. Video Game Engines. Talk given to High School Students at National Hispanic University Charter
High School.

Apr. 16. 2005. Circuits Principles and Weak Pigeonhole Principles. Talk
given at AMS Sectional Meeting #1007, UC Santa Barbara, Special Session on Complexity of Computation
and Algorithms. (Joint work with Norman
Danner.) The next four talks listed below are very similar, this talk's set of slides is probably
the best. I am retiring this talk at this point.

This talk considers the relational versions of the surjective and multifunction weak pigeonhole
principles for various classes
of formulas. These principles are interesting because of their close connection to the provability of
circuit lower bounds,
and hence the P versus NP question, in weak systems of arithmetic. We show that the relational
surjective pigeonhole
principle for Θb1 in S12 implies a circuit
block-recognition principle which in turn implies the surjective weak
pigeonhole principle for Σb1 formulas. We introduce a class of predicates
corresponding to poly-log length iterates of
polynomial-time computable predicates and show that over R12, the multifunction
pigeonhole principle for such predicates
is equivalent to an "iterative" circuit block-recognition principle. A consequence of this is that if
R23 proves this circuit
iteration principle then RSA is vulnerable to quasi-polynomial time attacks.

This talk discusses joint work of myself with Norman Danner of Wesleyan
University.
I began the talk by presenting a recent result of Jerabek on
the surjective weak pigeonhole principle for p-time functions. Namely,
that over the theory S12 this principle is
equivalent to the
existence of a string which is hard for any circuit of size nk.
This
shows that T22, a slightly stronger theory, can
prove a predicate
exists which is hard for circuits of size nk. Krajicek and
Pudlak have shown if the injective weak pigeonhole principle
for p-time functions is witnessable from a class C
satisfying PTIMEC = C then RSA is insecure against
attacks from C. As the multifunction weak pigeonhole
principle
implies both the injective and surjective principles, it is natural to
wonder if there is any circuit class such that the existence of a hard
string for this class is equivalent to the multifunction weak pigeonhole
principle for the analogous uniform class. We show that for
R22, a
theory between T22 and S12
in strength, the multifunction weak
pigeonhole principle for quasi-log iterated p-time relations is
equivalent to circuit lower bounds for quasi-log iterated p-size
circuits. Thus, we show if R22 could prove lower
bounds for this
class of circuits, one can also show RSA is insecure against
quasi-polynomial time attacks.

This paper/talk considers the relational versions of the surjective and
multifunction
weak pigeonhole principles for PV, Σb1 and
Θb2-formulas.
We show that the relational
surjective pigeonhole principle for Θb2-formulas
in S12
implies a circuit block-recognition principle which in turn
implies the surjective weak pigeonhole principle for
Σb1
formulas.
We introduce a class of predicates corresponding to poly-log length
iterates of polynomial-time computable predicates and show that
over R22, the multifunction pigeonhole principle for
such predicates
is equivalent to an ``iterative'' circuit block-recognition principle.
A consequence of this is that if
R23 proves this circuit iteration principle then RSA
is vulnerable to
quasi-polynomial time attacks.

The weak pigeonhole principle for a relation says that the relation does not represent a map of n2 pigeons into n
holes such
that each pigeon is mapped and each hole only gets one pigeon. This principle for polynomial time relations is closely
connected with the RSA cryptographic scheme. In particular, Krajicek and Pudlak have shown that if given any polynomial time
relation one can find a polynomial time algorithm which finds for this relation either an unmapped pigeon or two pigeons in
the the same hole, then one could break RSA in polynomial time. In this talk we will discuss this result. It is also an open
area of research how much mathematics is needed to prove the weak pigeonhole principle. We will show this problem for
certain weak systems is connected to whether the system can prove lower bounds on the the size of circuits. After discussing
several results of this type from our own research and that of Jerabek, we will finally connect this back to the security of
RSA.

In this talk I will survey some techniques which can be used to show
unrelativized independence results for questions like NP vs coNP, the
collapse of the polynomial hierarchy, or Hilbert's Tenth Problem in weak
systems of arithmetic. I will also present some new results concerning the
limits of formalizing padding arguments in commonly studied weak
arithmetics.

Branching Programs have proven to be a useful model of computation in a
variety of domains such as hardware verification, model checking, and
other CAD applications. As branching programs are also a very simple model
of computation with several easy ways to restrict their power, it is
interesting to generalize the branching program model to the quantum
setting. In this talk I will survey some of the known results about
classical branching programs, discuss (assuming no background in quantum
mechanics) how both classical and quantum branching program models work,
and describe some of our results concerning the power of the quantum
branching program model.

We discuss the provability of Matijasevich-Robinson-Davis-Putnam (MRDP)
result in
weak systems of arithmetic. It is a well-known result of Gaifman and
Dimitricopoulos IDelta_0+exp proves MRDP. What was shown in their
result was that every bounded
formula in their language could be rewritten as a formula consisting
of an existential block
of quantifiers followed by an equation of the form p = q where p and q
are polynomials. By Parikh's
Theorem, IDelta_0+exp cannot prove the existence of superexponentially fast
growing functions. Therefore, one could ask whether if one expanded the
language by IDelta_0+exp's access to it, then one could obtain
a system unable to prove MRDP in this new language. This is possible
because now
the bounds on the quantifiers that need to be eliminated are larger
than before. In fact,
we construct a system that cannot prove MRDP and show as well that it
cannot prove
NP = co-NP in a certain very uniform way.

Many complexity classes in computer science, for example,
functions in PTIME, LOGSPACE, NC, AC^0, have characterizations in terms of
being the provably "NP-definable" functions of some weak theory of
arithmetic. If the complexity class in question is known not to be equal
to NP, this
can be used to show the weak system of arithmetic cannot prove NP = co-NP.
The problem with this kind of result is, of course, you need to be able to
show first that the complexity class in question is different from NP. For
all but the weakest classes this question has been open for quite some
time. In this talk I will survey some of my own work in this area as well
as some recent work of Ressayre and Boughattas. Then I will present some
new results of mine based on Nepomnjascij's Theorem that get around this
barrier in a slightly different setting related to the problem of whether
nondeterministic linear time is equal to co-nondeterministic linear
time and related to how strong a theory of arithmetic is needed to prove
the Matiyasevich-Robinson-Davis-Putnam Theorem.

Hilbert's Tenth problem concerned the decidability of Diophantine
equations over the integers. Its negative solution, Matiyassevich's
theorem, amounted to showing that the class of formulas of the form
(exists y)P(x,y)=Q(x,y)
where P, Q are polynomials with natural number coefficients is equivalent
to the class of recursively enumerable sets. The bounded form of Hilbert's
Tenth problem is whether the NP-predicates are the class D of predicates
given by formulas of the form
( exists y)[(\sum_j yj <= 2^{|\sum_i xi|^k}) /\ P(x,y)=Q(x, y)]
where P, Q are polynomials with natural coefficients. This problem is
related to the average case completeness of certain NP-problems.
In this talk we give lower bounds on the provability of both these
problems in weak fragments of arithmetic. We show the theory I^5E cannot
prove D=NP. Here I^mE has a finite set of axioms and induction on bounded
existential formulas up to m lengths of a number for the language L_2,
which has the symbols <= , 0, S, +, x#y, |x|, 2^{|x||y|}, \lfloor x/2^i
\rfloor, and limited subtraction. We use the non-provability of D=NP to
show that I^5E cannot prove the Matiyassevich's theorem.

Bounded arithmetic theories are weak fragments of arithmetic useful in the
study of computational complexity classes. In this talk we will discuss known
techniques for doing independence proofs in these theories. We will then
consider the question of classifying the
Sigma^b_1≠definable multifunctions of a particular bounded arithmetic
theory, S_2. Such a classification might prove useful in proving new
independence results. We will then indicate why
an implicit complexity approach to this characterization might be
reasonable.

In Pollett~\cite{cpollett00} a bounded arithmetic theory $Z$ was shown not
to be able to prove the collapse of the polynomial hierarchy. This theory
also had the property that if $Z \subseteq S^i_2$ for any $i\geq 1$
then the polynomial hierarchy collapses. Here $S^i_2$ are the theories of
Buss~\cite{bus86a}. Unfortunately, despite this property
$Z$ seemed too weak a theory to formalize many of the arguments that have
been
used in computational complexity. In this talk, we give a new arithmetic
characterization of the levels of $\log$-time hierarchy. Using this
characterization,
we propose a new variant of the theory $TAC^0$ of Clote and
Takeuti~\cite{clotak95}.
This variant has nice deductive fragments which in some sense correspond
to
the levels of the log-time hierarchy.
We show that this theory (like $Z$) cannot prove the collapse of the
polynomial hierarchy.
Furthermore, we give some evidence that this theory
may be strong enough to prove that the log-time hierarchy is infinite,
so unlike $Z$ it can carry out useful complexity arguments.

Jul., 2000. On the Complexity of Quantum ACC. Computational Complexity
2000. Florence, Italy. The linked slides have some the content of the original talk; however, some slides are
from a job interview at SJSU and page 13 has been lost.

One way to quantify the difficulty of P = NP problem would be to exhibit a
logical theory which is capable of formalizing current attempts at
answering this question and yet which is not powerful enough to prove or
disprove this equality. Razborov has argued that most current circuit
lower bound techniques can be formalized in a fragment of arithmetic which
roughly has induction on NE-predicates. Nevertheless, exhibiting any
fragment of arithmetic which one can demonstrate cannot prove the collapse
of the polynomial hierarchy is nontrivial. In this talk we will consider a
much weaker theory than Razborov's, but which we argue can still do some
interesting mathematics. Namely, it can "reason" about all the functions
in the log-time hierarchy, it can prove the log-time hierarchy differs
from NP, and, in fact, we give some evidence it might be able to show the
log-time hierarchy is infinite. (In the real world this is known to be
true.) On the other hand, we show this theory cannot prove the polynomial
hierarchy collapses. So, in particular, it cannot prove P = NP, and it
follows that any proof that the polynomial hierarchy collapses, if such a
proof exists, must be formalized in a stronger fragment than ours.

In this talk I will introduce some multifunctions algebras which
for i > 1 correspond to functions computable in polynomial time with a
limited number of witnessing queries to an oracle at the i - 1 level of
the hierarchy. We then consider two subtheories of the well-studied
bounded arithmetic theory S_2 of Buss. Actually, one of our theories is
contained in the other. Using our algebras (mainly the i = 1 variants on
our algebras) we
establish the following properties for these theories:
(1) Neither theory can prove the polynomial hierarchy collapses.
(2) If either theory is contained in S^i_2
for some i then the polynomial hierarchy
collapses.
(3) If either theory proves the polynomial hierarchy is infinite then for
all i, S^i_2
can separate the ith level of the hierarchy.
(4) There is an interesting initial segment of any model of the weaker
theory that satisfies all of IDelta_0 + exp. (Postscript: statement 4 in
restrospect was not quite correct, although it did lead to me write a
paper about IDelta_0 +exp presented in San Diego.)

In trying to solve the P=NP question people have developed lower bounds
techniques such as Hastad's Switching Lemma, Razborov-Smolensky, etc.
These techniques can often be formalized in very weak theories of
arithmetic. One such theory which can prove the Switching Lemma is
S_2(\alpha).
A natural question is "can one show that the P=NP problem is independent
of such theories?" If so, one can rule out certain lower bounds methods as
a means of solving this problem. In this talk we will consider some
complexity questions related to fragments of S_2(\alpha) and bounded query
classes. We will use our results to derive a weak relativized independence
result.

There is a well-known result of Krajicek which connects the bounded query
class P^{\Sigma^p_i}(log) with the Delta^b_{i+1}-predicates of S^i_2.
In this talk we discuss a
generalization of this result which was motivated by trying to show the
Delta^b_{i+1}-predicates of R^i_2 are P^{Sigma^p_i}(loglog). We also
discuss a general condition result which
can be used to show on bounded arithmetic theory is conservative over
another. We then use these results together with recent results about
bounded query classes to derive tighter collapses of the polynomial
hierarchy under the assumption that various bounded arithmetic theories
are equal. We finally discuss new relativized seperations of bounded
arithmetic theories and a weak relativized independence result.

We define and investigate the complexity of several nonmonotonic
logics with quantified Boolean formulas as constraints. We give
quantified constraint versions of the constraint programming formalism
of Marek, Nerode, and Remmel [15] and of the natural extension of
their theory to default logic. We also introduce a new formalism which
adds constraints to circumscription.
We show that standard complexity results for each of these formalisms
generalize in the quantified constraint case. Gogic, Kautz,
Papadimitriou, and Selman [8] have introduced a new method for measuring
the strengths of reasoning formalisms based on succinctness of model
representation. We show a
natural hierarchy based on this measure exists between our versions of
logic programming, circumscription, and default logic. Finally, we
discuss some results about the relative succinctness of our reasoning
formalisms versus any formalism for which model checking can be done
somewhere in the polynomial time hierarchy.